Closed Bug 1727106 Opened 3 years ago Closed 3 years ago

AVIF with invalid reserved fields in HandlerBox (hdlr) are rejected as invalid

Categories

(Core :: Graphics: ImageLib, defect, P1)

Product:
Core
Component:
Graphics: ImageLib
Version:
Firefox 92
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1727033

People

(Reporter: Vash63, Assigned: jbauman)

References

(Blocks 1 open bug, Regression,
URL
)

Details

(Keywords: regression)

Attachments

(1 file)

default.avif
1.64 KB, image/avif
Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:92.0) Gecko/20100101 Firefox/92.0

Steps to reproduce:

Visited the page:

Actual results:

Images did not load

Expected results:

Images should have loaded

Mozregression results:
12:16.93 INFO: Last good revision: 0c7d036ab79c4bb37ad3c38ae5232c47e209eb84
12:16.93 INFO: First bad revision: bb07fcce356745addfc703bc043963f0abe7dea5
12:16.93 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=0c7d036ab79c4bb37ad3c38ae5232c47e209eb84&tochange=bb07fcce356745addfc703bc043963f0abe7dea5

This pointed me to the patch landing AVIF by default. I confirmed toggling image.avif.enabled from its default (true) to false fixed the web page after a manual refresh of the page.

Has Regression Range: --- → yes
Has STR: --- → yes
Component: Untriaged → ImageLib
Product: Firefox → Core
Regressed by: avif-default
Keywords: regression
Attached image default.avif

This file (and I assume all the other AVIFs on the site, if they were generated by the same writer) is invalid, which can be confirmed by https://gpac.github.io/ComplianceWarden-wasm/avif.html.

[isobmff][Rule #13] Error: 'hdlr box': reserved1 shall be 0 but value is 1383428980

As a workaround, it's possible to render this by setting image.avif.compliance_strictness to 0 in about:config. If possible, please reach out to the website author and encourage them to update their AVIF writer to one that generates valid output. It's likely that upgrading to a newer version of the same library is all that will be required.

Flags: needinfo?(Vash63)
Assignee: nobody → jbauman
Blocks: AVIF
Severity: -- → S3
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Priority: -- → P1

To provide some additional context, the issue here is invalid input per ISOBMFF (ISO 14496-12:2020) § 8.4.3.2:

aligned(8) class HandlerBox extends FullBox('hdlr', version = 0, 0) {
    unsigned int(32) pre_defined = 0;
    unsigned int(32) handler_type;
    const unsigned int(32)[3] reserved = 0;
    utf8string name;
}

Based on the value that is present, I'm guessing these files were generated by cavif-rs. See https://github.com/kornelski/cavif-rs/issues/37 for more.

See Also: → https://github.com/kornelski/cavif-rs/issues/37
Summary: Images no longer loading on store website → AVIF with invalid reserved fields in HandlerBox (hdlr) are rejected as invalid
See Also: → 1727033
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE

Clearing my needinfo - as noted in bug #1727033 Cloudflare is already aware of the issue

Flags: needinfo?(Vash63)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: